Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. A remote authenticated malicious user with low privileges could exploit this vulnerability to store malicious HTML or JavaScript code. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application.
                
            Metrics
Affected Vendors & Products
References
        | Link | Providers | 
|---|---|
| https://www.dell.com/support/article/SLN319512 |     | 
History
                    No history.
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: dell
Published: 2020-03-13T20:30:22.359692Z
Updated: 2024-09-17T02:02:12.080Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3770
 Vulnrichment
                        Vulnrichment
                    No data.
 NVD
                        NVD
                    Status : Modified
Published: 2020-03-13T21:15:11.940
Modified: 2024-11-21T04:42:29.870
Link: CVE-2019-3770
 Redhat
                        Redhat
                    No data.
 ReportizFlow
ReportizFlow